- Operating System: Windows XP, Service Pack 3
- Browser: IE 7.0.5730; FireFox 3.0.5
- SpyBot-Version: 1.6.0.31
- Last Update: 07.01.2009
- False positive occured: Scan result
- Spybot scan result:
Virtumonde: [SBI $845EA7F9] Ausführbare Datei (Datei, nothing done)
C:\WINDOWS\KHALMNPR.Exe
Hi everyone,
I was slightly surprised when I scanned my system with SpyBot today just to find out that one of the exe-files (situated in C:\Windows\Khalmnpr.exe) that usually comes with Logitech-mice is supposed to be infected with Virtumonde.
I've checked the file with a couple of anti-virus programs, none of them confirmed Spybot's scan-result. :blink: I'd assume it's a false positive since I don't have any sort of problem with my computer or using IE/FireFox - no random pop-ups or other kinds of strange behaviour there.
- Browser: IE 7.0.5730; FireFox 3.0.5
- SpyBot-Version: 1.6.0.31
- Last Update: 07.01.2009
- False positive occured: Scan result
- Spybot scan result:
Virtumonde: [SBI $845EA7F9] Ausführbare Datei (Datei, nothing done)
C:\WINDOWS\KHALMNPR.Exe
Hi everyone,
I was slightly surprised when I scanned my system with SpyBot today just to find out that one of the exe-files (situated in C:\Windows\Khalmnpr.exe) that usually comes with Logitech-mice is supposed to be infected with Virtumonde.
I've checked the file with a couple of anti-virus programs, none of them confirmed Spybot's scan-result. :blink: I'd assume it's a false positive since I don't have any sort of problem with my computer or using IE/FireFox - no random pop-ups or other kinds of strange behaviour there.
Thanks for reporting this false positive. You are right. :bigthumb: It will be fixed in our next update scheduled for next Wednesday. In order to help us preventing future false positives you may download our distributed testing client